The top 20 network exploiting techniques:
- Port Scanning: This is the process of scanning a network to find open ports.
- Banner Grabbing: This technique is used to gather information about a computer system on a network and the services running on its open ports.
- Service Enumeration: This involves identifying network services running on a host and the associated ports.
- Vulnerability Scanning: This is the process of scanning a network to identify potential vulnerabilities.
- ARP Poisoning: This is a type of attack in which an attacker sends falsified ARP (Address Resolution Protocol) messages over a local area network.
- Man-in-the-Middle Attack: This is an attack where the attacker secretly relays and possibly alters the communication between two parties who believe they are directly communicating with each other.
- Denial of Service (DoS) Attack: This is an attack where the attacker floods the victim's network with traffic to make it unavailable to its users.
- Distributed Denial of Service (DDoS) Attack: This is a type of DoS attack where multiple compromised systems are used to target a single system.
- Packet Sniffing: This is the process of monitoring network traffic, usually for the purpose of gathering information.
- Session Hijacking: This is an attack where an attacker takes over a session between a client and a server.
- DNS Spoofing: This is a type of computer attack wherein a user is forced to navigate to a fake website disguised as a real one, and the user's input is then stolen by the attacker.
- SQL Injection: This is an attack where an attacker can execute malicious SQL statements.
- Cross-Site Scripting (XSS): This is a type of computer security vulnerability typically found in web applications.
- Cross-Site Request Forgery (CSRF): This is an attack that forces an end user to execute unwanted actions on a web application in which they're currently authenticated.
- Clickjacking: This is an attack where an attacker tricks a user into clicking on a hidden link.
- Buffer Overflow: This is an anomaly where a program, while writing data to a buffer, overruns the buffer's boundary and overwrites adjacent memory locations.
- Session Fixation: This is an attack that permits an attacker to hijack a valid user session.
- LDAP Injection: This is a type of security exploit that is used to compromise the authentication process used by some websites.
- Buffer Overflow: This is an anomaly where a program, while writing data to a buffer, overruns the buffer's boundary and overwrites adjacent memory locations.
- Format String Attack: This is a type of software vulnerability discovered around 2000 that can be used in security exploits.